2020-02-08 07:51:41 +00:00
|
|
|
require 'rails_helper'
|
|
|
|
|
|
|
|
RSpec.describe 'Inbox Member API', type: :request do
|
|
|
|
let(:account) { create(:account) }
|
|
|
|
let(:inbox) { create(:inbox, account: account) }
|
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
describe 'GET /api/v1/accounts/{account.id}/inbox_members/:id' do
|
|
|
|
let(:inbox_member) { create(:inbox_member, inbox: inbox) }
|
|
|
|
|
|
|
|
context 'when it is an unauthenticated user' do
|
|
|
|
it 'returns unauthorized' do
|
|
|
|
get "/api/v1/accounts/#{account.id}/inbox_members/#{inbox.id}"
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an authenticated user with out access to inbox' do
|
|
|
|
let(:agent) { create(:user, account: account, role: :agent) }
|
|
|
|
|
|
|
|
it 'returns inbox member' do
|
|
|
|
get "/api/v1/accounts/#{account.id}/inbox_members/#{inbox.id}",
|
|
|
|
headers: agent.create_new_auth_token,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an authenticated user with access to inbox' do
|
|
|
|
let(:agent) { create(:user, account: account, role: :agent) }
|
|
|
|
|
|
|
|
it 'returns inbox member' do
|
|
|
|
create(:inbox_member, user: agent, inbox: inbox)
|
|
|
|
|
|
|
|
get "/api/v1/accounts/#{account.id}/inbox_members/#{inbox.id}",
|
|
|
|
headers: agent.create_new_auth_token,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expect(JSON.parse(response.body)['payload'].pluck('id')).to eq(inbox.inbox_members.pluck(:user_id))
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
describe 'POST /api/v1/accounts/{account.id}/inbox_members' do
|
2020-02-08 07:51:41 +00:00
|
|
|
context 'when it is an unauthenticated user' do
|
|
|
|
it 'returns unauthorized' do
|
2020-03-09 17:57:10 +00:00
|
|
|
post "/api/v1/accounts/#{account.id}/inbox_members"
|
2020-02-08 07:51:41 +00:00
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-06-11 06:14:31 +00:00
|
|
|
context 'when it is an authenticated agent' do
|
2020-02-08 07:51:41 +00:00
|
|
|
let(:agent) { create(:user, account: account, role: :agent) }
|
|
|
|
|
2021-06-11 06:14:31 +00:00
|
|
|
before do
|
|
|
|
create(:inbox_member, user: agent, inbox: inbox)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns unauthorized' do
|
2020-02-08 07:51:41 +00:00
|
|
|
params = { inbox_id: inbox.id, user_ids: [agent.id] }
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
post "/api/v1/accounts/#{account.id}/inbox_members",
|
2020-02-08 07:51:41 +00:00
|
|
|
headers: agent.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
2021-06-11 06:14:31 +00:00
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
context 'when it is an administrator' do
|
2021-06-11 06:14:31 +00:00
|
|
|
let(:administrator) { create(:user, account: account, role: :administrator) }
|
2021-09-14 06:25:02 +00:00
|
|
|
let(:old_agent) { create(:user, account: account, role: :agent) }
|
|
|
|
let(:agent_to_add) { create(:user, account: account, role: :agent) }
|
2021-06-11 06:14:31 +00:00
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
before do
|
|
|
|
create(:inbox_member, user: old_agent, inbox: inbox)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'add inbox members' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: [agent_to_add.id] }
|
2021-06-11 06:14:31 +00:00
|
|
|
|
|
|
|
post "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
2020-02-08 07:51:41 +00:00
|
|
|
expect(response).to have_http_status(:success)
|
2021-09-14 06:25:02 +00:00
|
|
|
expect(inbox.inbox_members&.count).to eq(2)
|
|
|
|
expect(inbox.inbox_members&.second&.user).to eq(agent_to_add)
|
2020-02-08 07:51:41 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders not found when inbox not found' do
|
2021-09-14 06:25:02 +00:00
|
|
|
params = { inbox_id: nil, user_ids: [agent_to_add.id] }
|
2020-02-08 07:51:41 +00:00
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
post "/api/v1/accounts/#{account.id}/inbox_members",
|
2021-06-11 06:14:31 +00:00
|
|
|
headers: administrator.create_new_auth_token,
|
2020-02-08 07:51:41 +00:00
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders error on invalid params' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: ['invalid'] }
|
|
|
|
|
2020-03-09 17:57:10 +00:00
|
|
|
post "/api/v1/accounts/#{account.id}/inbox_members",
|
2021-06-11 06:14:31 +00:00
|
|
|
headers: administrator.create_new_auth_token,
|
2020-02-08 07:51:41 +00:00
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unprocessable_entity)
|
2021-09-14 06:25:02 +00:00
|
|
|
expect(response.body).to include('User must exist')
|
2020-02-08 07:51:41 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
describe 'PATCH /api/v1/accounts/{account.id}/inbox_members' do
|
2020-02-08 07:51:41 +00:00
|
|
|
context 'when it is an unauthenticated user' do
|
|
|
|
it 'returns unauthorized' do
|
2021-09-14 06:25:02 +00:00
|
|
|
patch "/api/v1/accounts/#{account.id}/inbox_members"
|
2020-02-08 07:51:41 +00:00
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
context 'when it is an authenticated agent' do
|
2020-02-08 07:51:41 +00:00
|
|
|
let(:agent) { create(:user, account: account, role: :agent) }
|
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
before do
|
|
|
|
create(:inbox_member, user: agent, inbox: inbox)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'returns unauthorized' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: [agent.id] }
|
|
|
|
|
|
|
|
patch "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: agent.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
2021-06-11 06:14:31 +00:00
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
context 'when it is an administrator' do
|
|
|
|
let(:administrator) { create(:user, account: account, role: :administrator) }
|
|
|
|
let(:old_agent) { create(:user, account: account, role: :agent) }
|
|
|
|
let(:agent_to_add) { create(:user, account: account, role: :agent) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
create(:inbox_member, user: old_agent, inbox: inbox)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'modifies inbox members' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: [agent_to_add.id] }
|
|
|
|
|
|
|
|
patch "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
|
|
|
expect(inbox.inbox_members&.count).to eq(1)
|
|
|
|
expect(inbox.inbox_members&.first&.user).to eq(agent_to_add)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders not found when inbox not found' do
|
|
|
|
params = { inbox_id: nil, user_ids: [agent_to_add.id] }
|
|
|
|
|
|
|
|
patch "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders error on invalid params' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: ['invalid'] }
|
|
|
|
|
|
|
|
patch "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unprocessable_entity)
|
|
|
|
expect(response.body).to include('User must exist')
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'DELETE /api/v1/accounts/{account.id}/inbox_members' do
|
|
|
|
context 'when it is an unauthenticated user' do
|
|
|
|
it 'returns unauthorized' do
|
|
|
|
delete "/api/v1/accounts/#{account.id}/inbox_members"
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an authenticated agent' do
|
2021-06-11 06:14:31 +00:00
|
|
|
let(:agent) { create(:user, account: account, role: :agent) }
|
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
before do
|
2021-06-11 06:14:31 +00:00
|
|
|
create(:inbox_member, user: agent, inbox: inbox)
|
2021-09-14 06:25:02 +00:00
|
|
|
end
|
2021-06-11 06:14:31 +00:00
|
|
|
|
2021-09-14 06:25:02 +00:00
|
|
|
it 'returns unauthorized' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: [agent.id] }
|
|
|
|
|
|
|
|
delete "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: agent.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:unauthorized)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when it is an administrator' do
|
|
|
|
let(:administrator) { create(:user, account: account, role: :administrator) }
|
|
|
|
let(:old_agent) { create(:user, account: account, role: :agent) }
|
|
|
|
let(:agent_to_delete) { create(:user, account: account, role: :agent) }
|
|
|
|
let(:non_member_agent) { create(:user, account: account, role: :agent) }
|
|
|
|
|
|
|
|
before do
|
|
|
|
create(:inbox_member, user: old_agent, inbox: inbox)
|
|
|
|
create(:inbox_member, user: agent_to_delete, inbox: inbox)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'deletes inbox members' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: [agent_to_delete.id] }
|
|
|
|
|
|
|
|
delete "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
2020-02-08 07:51:41 +00:00
|
|
|
|
|
|
|
expect(response).to have_http_status(:success)
|
2021-09-14 06:25:02 +00:00
|
|
|
expect(inbox.inbox_members&.count).to eq(1)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders not found when inbox not found' do
|
|
|
|
params = { inbox_id: nil, user_ids: [agent_to_delete.id] }
|
|
|
|
|
|
|
|
delete "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders error on invalid params' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: ['invalid'] }
|
|
|
|
|
|
|
|
delete "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
expect(response.body).to include('Resource could not be found')
|
|
|
|
end
|
|
|
|
|
|
|
|
it 'renders error on non member params' do
|
|
|
|
params = { inbox_id: inbox.id, user_ids: [non_member_agent.id] }
|
|
|
|
|
|
|
|
delete "/api/v1/accounts/#{account.id}/inbox_members",
|
|
|
|
headers: administrator.create_new_auth_token,
|
|
|
|
params: params,
|
|
|
|
as: :json
|
|
|
|
|
|
|
|
expect(response).to have_http_status(:not_found)
|
|
|
|
expect(response.body).to include('Resource could not be found')
|
2020-02-08 07:51:41 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|